package com.zb.mvc.filter;

import java.io.IOException;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.commons.lang3.StringUtils;

import com.zb.entity.system.OmsOperList;
import com.zb.mvc.controller.base.BaseAction;

public class AuthenticationFilter implements Filter
{
	private final static String homePage = "/manageView/index.html";
	private String[] exclusions;
	private String[] excludedExts;
	//	private String forbiddenPath;
	//	private String loginPath;

	//	private OperListService operListServiceImpl;

	@Override
	public void destroy()
	{
	}

	@Override
	public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException
	{
		HttpServletRequest req = (HttpServletRequest) request;

		HttpServletResponse rep = (HttpServletResponse) response;
		String uri = req.getRequestURI();
		String contextPath = req.getContextPath();
		if (uri.equals(contextPath + "/") || (contextPath + homePage).equals(uri))
		{
			chain.doFilter(request, response);
			return;
		}

		if (exclusions != null)
		{
			for (String excl : exclusions)
			{
				if (uri.contains(excl))
				{
					chain.doFilter(request, response);
					return;
				}
			}
		}

		if ((contextPath + homePage).equals(uri))
			return;

		//获取到当前登录的用户
		HttpSession session = req.getSession();
		OmsOperList oper = (OmsOperList) session.getAttribute(BaseAction.CommonParam.SESSION_USER);

		if (oper == null)
		{
			rep.sendError(HttpServletResponse.SC_UNAUTHORIZED);
		}
		else
		{
			//1、判断该运营商是否为超级运营商或者角色是否有权限操作
			if (oper.getIsSupper() == 1)
			{
				chain.doFilter(request, response);
				return;
			}
			else
			{
				if (uri != null)
				{
					String[] temp = uri.split("\\.");
					String urlExt = null;
					if (temp != null && temp.length >= 2)
						urlExt = temp[temp.length - 1];
					if (StringUtils.isNotEmpty(urlExt) && excludedExts != null && excludedExts.length > 0)
					{
						for (String ext : excludedExts)
						{
							if (urlExt.equalsIgnoreCase(ext))
							{
								chain.doFilter(request, response);
								return;
							}
						}
					}

					for (Pattern authUrlPattern : oper.getUrlPatterns())
					{
						Matcher m = authUrlPattern.matcher(uri);
						if (m.find())
						{
							chain.doFilter(request, response);
							return;
						}
					}
				}
				rep.sendError(HttpServletResponse.SC_FORBIDDEN);

			}
		}
	}

	@Override
	public void init(FilterConfig fConfig) throws ServletException
	{
		String exclude = fConfig.getInitParameter("exclusions");
		String exts = fConfig.getInitParameter("excludedExts");

		//		loginPath = fConfig.getInitParameter("loginPath");
		//		forbiddenPath = fConfig.getInitParameter("forbiddenPath");
		if (StringUtils.isNotEmpty(exclude))
			exclusions = StringUtils.split(exclude, ",");
		if (StringUtils.isNotEmpty(exts))
			this.excludedExts = StringUtils.split(exts, ",");

	}

}
